If you look at the freeradius source:
SSL_CTX_set_cipher_list(ctx, conf->cipher_list)This funktion is part of the openssl library... so it might be a problem.
And for customers who need RC4 (I had this problem last week), they have to set
the list to "DEFAULT".
https://extremeportal.force.com/ExtrArticleDetail?n=000012247
If you don't want to use RC4 but want to use the recommended list of ciphers
you have to set two options:
RADIUS_TLS_REMOVE_RC4_CIPHERS=false
RADIUS_TLS_CIPHER_LIST=HIGHIf you do not set any option, you get a
sorted list of HIGH ciphers.